1,885
edits
Changes
SEC830
,New page: <span style="background: #ffff00">'''Note!''' This information is under revision.</span> = SEC830 - Security Issues = == Professor == SYA810 is taught by John Selmys (Wi...
<span style="background: #ffff00">'''Note!''' This information is under revision.</span>
= SEC830 - Security Issues =
== Professor ==
SYA810 is taught by [[User:Selmys|John Selmys]] (Winter 2009)
== Weekly Outline ==
See the [[Winter 2009 SEC830 Weekly Schedule]] for specific dates and topics.
== Subject Description ==
When the Internet became a public medium in 1992, every connected computer became an instant target for crackers. This subject deals with Internet security, networking and operating system issues. Topics include wrapper and proxy programs, securing TCP/IP services, host security and passwords, SUID/GUID files, cryptography, firewalls, root kits, intrusion prevention and detection, and dealing with break-ins.
=== Credit Status ===
1 credit in the LUX program.
=== Prerequisites ===
SYA710
=== Specific Outcomes ===
Upon successful completion of this subject students should be able to:
* install and use encryption software
* set up the Secure Shell
* identify and disable unused system services
* audit the security of a Linux system.
* enable and use wrappers and proxies
* recognize and recover from various attacks
* create and maintain system backups
** configure a Linux firewall
** use current security tools
** setup intrusion prevention and detection systems
** monitor and restrict logins
** install, configure and administrate Pluggable Authentication Modules
=== Topic Outline ===
* Overview of Unix Security - 5%
** common vulnerabilities and attacks
** security policies
* User Responsibilities - 15%
** users, groups and passwords
** permissions (including suid/sgid)
** files and directories
** encryption
** access control lists (ACLs)
* System Security - 15%
** backups
** monitoring accounts
** system logs
** privileged access
* Network Security - 20%
** trusted hosts
** securing network services
** firewalls
** network file systems (NFS CIFS)
** wireless security
* The Secure Shell (SSH) - 10%
** Installation and Configuration
* Pluggable Authentication Modules (PAM) - 10%
** Installation, Configuration, Administration
* Security Tools - 15%
** Tripwire, Crack, Satan, Saint
** Root kits
** Tiger, COPS
** Sniffers (tcpdump, sniffit, kismet)
** Port Scanning using nmap
* Intrusion Prevention - 10%
** AppArmor
** SELinux
=== Modes Of Instruction ===
* 2 hours interactive lecture per week, and 2 hours lab time per week
=== Prescribed Text ===
* Hack Notes: Linux and Unix Security Portable Reference by Nitesh Dhanjani; ISBN 0-07-222786-9 published by McGraw-Hill/Osborne
=== Reference Material ===
* Linux System Security by Scott Mann, Ellen Mitchell and Mitchell Krell, 2002 Pearson, 2nd Edition. ISBN 0130470112
* UNIX Security by editors of Sys Admin magazine 1997 R&D Books/Miller Freeman ISBN 0-87930-471-5
* Practical UNIX and Internet Security by Simson Garfinkel and Gene Spafford 1996 - 2nd Edition O'Reilly & Associates, Inc. ISBN 1-56592-148-8
=== Supplies ===
* None
=== Promotion Policy ===
To obtain a credit in this subject, a student must:
* Achieve a grade of 55% or better on the final exam
* Satisfactorily complete all assignments
* Achieve a weighted average of 55% or better for the tests and final exam
* Achieve a grade of 55% or better on the overall course
=== Modes of Evaluation ===
* 30% Assignments/Labs
* 40% Final Exam
* 30% Midterm Test
= SEC830 - Security Issues =
== Professor ==
SYA810 is taught by [[User:Selmys|John Selmys]] (Winter 2009)
== Weekly Outline ==
See the [[Winter 2009 SEC830 Weekly Schedule]] for specific dates and topics.
== Subject Description ==
When the Internet became a public medium in 1992, every connected computer became an instant target for crackers. This subject deals with Internet security, networking and operating system issues. Topics include wrapper and proxy programs, securing TCP/IP services, host security and passwords, SUID/GUID files, cryptography, firewalls, root kits, intrusion prevention and detection, and dealing with break-ins.
=== Credit Status ===
1 credit in the LUX program.
=== Prerequisites ===
SYA710
=== Specific Outcomes ===
Upon successful completion of this subject students should be able to:
* install and use encryption software
* set up the Secure Shell
* identify and disable unused system services
* audit the security of a Linux system.
* enable and use wrappers and proxies
* recognize and recover from various attacks
* create and maintain system backups
** configure a Linux firewall
** use current security tools
** setup intrusion prevention and detection systems
** monitor and restrict logins
** install, configure and administrate Pluggable Authentication Modules
=== Topic Outline ===
* Overview of Unix Security - 5%
** common vulnerabilities and attacks
** security policies
* User Responsibilities - 15%
** users, groups and passwords
** permissions (including suid/sgid)
** files and directories
** encryption
** access control lists (ACLs)
* System Security - 15%
** backups
** monitoring accounts
** system logs
** privileged access
* Network Security - 20%
** trusted hosts
** securing network services
** firewalls
** network file systems (NFS CIFS)
** wireless security
* The Secure Shell (SSH) - 10%
** Installation and Configuration
* Pluggable Authentication Modules (PAM) - 10%
** Installation, Configuration, Administration
* Security Tools - 15%
** Tripwire, Crack, Satan, Saint
** Root kits
** Tiger, COPS
** Sniffers (tcpdump, sniffit, kismet)
** Port Scanning using nmap
* Intrusion Prevention - 10%
** AppArmor
** SELinux
=== Modes Of Instruction ===
* 2 hours interactive lecture per week, and 2 hours lab time per week
=== Prescribed Text ===
* Hack Notes: Linux and Unix Security Portable Reference by Nitesh Dhanjani; ISBN 0-07-222786-9 published by McGraw-Hill/Osborne
=== Reference Material ===
* Linux System Security by Scott Mann, Ellen Mitchell and Mitchell Krell, 2002 Pearson, 2nd Edition. ISBN 0130470112
* UNIX Security by editors of Sys Admin magazine 1997 R&D Books/Miller Freeman ISBN 0-87930-471-5
* Practical UNIX and Internet Security by Simson Garfinkel and Gene Spafford 1996 - 2nd Edition O'Reilly & Associates, Inc. ISBN 1-56592-148-8
=== Supplies ===
* None
=== Promotion Policy ===
To obtain a credit in this subject, a student must:
* Achieve a grade of 55% or better on the final exam
* Satisfactorily complete all assignments
* Achieve a weighted average of 55% or better for the tests and final exam
* Achieve a grade of 55% or better on the overall course
=== Modes of Evaluation ===
* 30% Assignments/Labs
* 40% Final Exam
* 30% Midterm Test